In this role, you will report to the Chief Information Officer (CIO) and be responsible for implementing and operating security programs to protect computer systems, networks and data. You will determine application security requirements, plan, test and implement security controls and develop security standards, policies and procedures.
• Serve as the primary point of contact for the Managed Security Services Provider (MSSP)
• Work with the MSSP to maintain the Security Information and Event Management (SIEM) tool, develop alert procedures, respond to security incidents and escalate incidents as necessary
• Routinely perform threat hunting to search for Indicators of Compromise alongside third-party Incident Responders
• Triage phishing emails in a sandboxed environment and perform basic malware analysis
• Maintain security systems to generate alert use cases and work with MSSP to triage alerts and perform network forensics
• Manage the research, approval and deployment of vendor security and application patches to all endpoints
• Conduct risk assessments to evaluate the effectiveness of existing IT controls
• Provide technical guidance and recommendations for new products and services
• Maintain and implement IT security policies, standards, procedures and protocols
• Conduct vulnerability scans and prioritize results for patching effort. Collaborate with other teams in the IT department to remediate vulnerabilities as necessary.
• Promote a high degree of data security awareness in the firm
• Participate in the maintenance of the firm's Disaster Recovery and Business Continuity Plan
• Gather documentation/technical information in support of audit requests and issue remediation efforts.
• Assist in client audits, respond to third-party inquiries, and implement a third-party risk management program
• Create and maintain documentation on Firm information security procedures
• Assist with annual Firm-wide security awareness training
• Stay current with applicable government regulations and requirements
• Enforce security best practices across all firm systems
• Assume additional responsibilities as needed
• Bachelor's degree in Computer Science, Information Security, or related field
• 4+ years' experience in network/systems administration and 2+ years in security
• CISSP, CISA, GCIH, or other related information security certifications
• Strong problem-solving, analytical, interpersonal and ownership skills
• Excellent collaboration skills for work with various internal team members
• An understanding of security concepts, encryption, system hardening, defense-in-depth designs, advanced persistent threats, anomaly detection and next-generation technologies
• Working knowledge and experience with any of the following technologies: VA, SIEM, DLP, IPS/IDS, AV, MFA, VPN, FW, AD, Wireless, ACLs and Port Scanning
• Experience with event logging and correlation in SOC or CSIRT
• Experience with endpoint/network forensics and malware analysis
• Advanced knowledge of the Windows operating system
• Knowledge of ISO 27001 and SOC 2
• Knowledge of rules and regulations related to GLBA, HIPAA, Mass Privacy, etc.
• Knowledge of a variety of security tools
• Knowledge of the MITRE ATT&CK framework a plus
• Experience with WMI, PowerShell and Python a plus